Side Channel Attack – Measurement Setup

I’m currently comparing the resilience of different elliptic curve algorithms on smart cards with regard to simple power analysis (SPA) attacks. This is how I prepared the card reader for my measurements with the oscilloscope.

First of all you will need the following:

Smart Card Reader

Oscilloscope or Data Acquisition Card

Soldering Iron

Multimeter

Patience 🙂

Opening the Reader:

First you will need to open the card reader. My card reader was pretty easy to open: there were small square plastic button "thingies" holding the casing together. After pushing them in with a screwdriver the casing opened up nicely. Nothing broke, and you can easily reassemble the parts by just pushing them back together.

Smart card reader

Bridging the GND-Line
Now comes the tricky part: in order to measure the power consumption of the smart card you will need to insert a resistor (a shunt) into the GND-Line. This part depends on your reader, and you should be careful to bridge the right line! The ground can be identified by looking at the contact springs in the opened reader and working out which one lands on the card's GND pad. The following picture (Wikipedia) shows the different contacts; per ISO/IEC 7816-2 they are C1 VCC, C2 RST, C3 CLK, C4 reserved, C5 GND, C6 VPP, C7 I/O and C8 reserved, so GND is C5, directly across from VCC:

Once you have identified the correct reader-side contact, you have to find a place where you can insert the bridge. For my reader it was where the contact went through the board (illustrated with the arrows). First you will need to interrupt the line and verify with a multimeter (continuity test, with the reader unplugged) that there is no connection left across the cut. Here is how I did it:

Front side of the opened reader

Back side of the opened reader

Front side with attached clamp

On the front side the GND-Line reappears and enters the circuit. I attached a clamp on each side of the cut so that I can insert the resistor and quickly change it if needed. The resistor is needed because, by Ohm's law, the voltage across it is proportional to the current flowing through it, and since the reader holds VCC constant that current is proportional to the card's power consumption, which is what you want to measure during a power analysis. The value is a trade-off: too large and the card's ground is lifted far enough that the card misbehaves or resets, too small and the signal is buried in the noise; a few ohms up to a few tens of ohms is the usual starting range.

Attaching the oscilloscope
Now comes the easy part: you need to attach the oscilloscope to the reader. Connect the probe tip to the GND-Line before the resistor (on the card side; the back side for my reader) and the probe's ground clip to the GND-Line after the resistor (the reader side). Keep it this way round: on most bench oscilloscopes the probe ground is tied to mains earth, and the reader's ground is usually earthed as well through the USB cable and the PC, so clipping the probe ground to the card side would short the resistor through earth and you would measure nothing.

Attached oscilloscope

Measurements
To get some data you should now connect the reader to your PC and run an applet on the card. A good way to see something on the oscilloscope is to write an applet that runs a loop of RSA encryptions. To test my setup I wrote an applet that performs 1000 RSA encryptions with the same key and the same data. This gives me enough time to calibrate the oscilloscope and focus on the interesting part of the signal. An interesting point is that you can see very nicely when the co-processor is active.
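Once the trace of such a loop is exported from the oscilloscope, the first thing to check is that every iteration was captured and where the busy co-processor sections sit. The helper below is an added example (not code from the original post, and not the author's applet, which is Java Card code): it computes an RMS envelope of the samples, places a threshold between the idle and busy levels, and returns the busy windows. The trace it processes is constructed synthetically; the idle noise level, busy swing and segment lengths are assumptions for the demonstration, not measurements from the post.

```python
"""Find the windows of a power trace in which the co-processor is active.

Added example, not code from the original post. Pure Python (no numpy) so it
runs anywhere; feed it the sample list exported from your oscilloscope. The
trace built by synthetic_trace() is CONSTRUCTED for demonstration: the numbers
(idle noise 0.02, busy swing 0.20, segment lengths) are assumptions, not
measurements from the post.
"""
import random


def moving_rms(samples, window):
    """Sliding-window RMS envelope; busy vs. idle is easier to separate on
    the envelope than on the raw, sign-alternating samples."""
    sq = [s * s for s in samples]
    env, acc = [], 0.0
    for i, v in enumerate(sq):
        acc += v
        if i >= window:
            acc -= sq[i - window]
        env.append((acc / min(i + 1, window)) ** 0.5)
    return env


def active_windows(samples, window=50, threshold=None, min_len=100):
    """Return [(start, end)] sample index ranges where the envelope stays
    above threshold for at least min_len samples.

    Without an explicit threshold it is placed midway between the 10th and
    90th percentile of the envelope. A flat envelope (nothing busy to separate
    from idle) yields no windows instead of chopping noise into windows."""
    if not samples:
        return []
    env = moving_rms(samples, window)
    if threshold is None:
        ordered = sorted(env)
        lo, hi = ordered[len(ordered) // 10], ordered[(9 * len(ordered)) // 10]
        if hi < 2 * lo:
            return []
        threshold = (lo + hi) / 2
    windows, start = [], None
    for i, e in enumerate(env):
        if e > threshold and start is None:
            start = i
        elif e <= threshold and start is not None:
            if i - start >= min_len:
                windows.append((start, i))
            start = None
    if start is not None and len(env) - start >= min_len:
        windows.append((start, len(env)))
    return windows


def count_operations(samples, **kwargs):
    """Number of busy windows, e.g. to confirm all 1000 loop iterations were captured."""
    return len(active_windows(samples, **kwargs))


def synthetic_trace(n_ops=5, idle=400, busy=800, seed=1):
    """CONSTRUCTED trace: n_ops bursts of large swing (co-processor busy)
    separated by low-noise idle sections. Not a real capture."""
    rng = random.Random(seed)
    trace = []
    for _ in range(n_ops):
        trace += [rng.gauss(0.0, 0.02) for _ in range(idle)]
        trace += [rng.gauss(0.0, 0.20) for _ in range(busy)]
    trace += [rng.gauss(0.0, 0.02) for _ in range(idle)]
    return trace


if __name__ == "__main__":
    t = synthetic_trace()
    for start, end in active_windows(t):
        print(f"busy from sample {start} to {end} ({end - start} samples)")
```

The window length and the minimum run length are in samples, so scale them with your sample rate; on a real capture, pass the threshold explicitly once you have read the idle and busy levels off the scope, and use the returned window boundaries to set the trigger delay and time base for the detailed measurements.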

Full measurement setup

Some power traces
Here are some of my measurements for the elliptic curve operations. It is very easy for an attacker to extract the secret key if the implementation lets you distinguish the different operations in the trace. In my case it is easy to distinguish an EC point addition from an EC point doubling. With a plain double-and-add scalar multiplication every key bit is processed as a doubling, followed by an addition only if the bit is 1, so the sequence of additions (A) and doublings (D) gives you the secret key bit by bit. Implementations that resist this make the operation sequence independent of the key, for example with a Montgomery ladder or by always performing the addition and discarding the result on zero bits.
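The key recovery from an A/D sequence, as an added example that is not code from the original post: a toy curve y^2 = x^3 + 2x + 3 over GF(97) with base point G = (3, 6) (constructed for the demonstration, not the curve the author measured) is multiplied with a left-to-right double-and-add that leaks one symbol per point operation, standing in for the two distinguishable shapes in the trace. recover_key turns the leaked sequence back into the scalar, and double_and_add_always shows the dummy-addition countermeasure whose sequence depends only on the bit length of the key.

```python
"""Simple power analysis on EC scalar multiplication, as an added example
(not code from the original post). The curve y^2 = x^3 + 2x + 3 over GF(97)
with base point G = (3, 6) is a CONSTRUCTED toy so every step can be checked
by hand; the leak model replaces the two trace shapes the post distinguishes
with the symbols "D" (doubling) and "A" (addition).
"""

P_MOD, A_COEF = 97, 2   # toy curve parameters (assumption, not from the post)
G = (3, 6)              # 6^2 = 36 = 3^3 + 2*3 + 3 (mod 97), so G lies on the curve
INF = None              # point at infinity


def inv(x):
    """Modular inverse via Fermat; P_MOD is prime."""
    return pow(x % P_MOD, P_MOD - 2, P_MOD)


def ec_double(P):
    if P is INF or P[1] == 0:
        return INF
    x, y = P
    lam = (3 * x * x + A_COEF) * inv(2 * y) % P_MOD
    x3 = (lam * lam - 2 * x) % P_MOD
    return (x3, (lam * (x - x3) - y) % P_MOD)


def ec_add(P, Q):
    if P is INF:
        return Q
    if Q is INF:
        return P
    if P == Q:
        return ec_double(P)
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2:            # Q == -P
        return INF
    lam = (y2 - y1) * inv(x2 - x1) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)


def double_and_add(k, P, leak):
    """Left-to-right binary method (k >= 1): the kind of implementation whose
    A/D sequence can be read off the trace. Appends one symbol per point op."""
    R = P
    for bit in bin(k)[3:]:          # bits below the leading 1
        R = ec_double(R); leak.append("D")
        if bit == "1":
            R = ec_add(R, P); leak.append("A")
    return R


def double_and_add_always(k, P, leak):
    """SPA countermeasure: add on every bit and discard the result on zero
    bits, so the leaked sequence depends only on the bit length of k."""
    R = P
    for bit in bin(k)[3:]:
        R = ec_double(R); leak.append("D")
        T = ec_add(R, P); leak.append("A")
        if bit == "1":
            R = T
    return R


def recover_key(seq):
    """Rebuild the scalar from the D/A sequence of double_and_add: every D
    opens a new bit with value 0, an A directly after it makes that bit 1;
    the leading 1 is never leaked and is implied."""
    bits = ["1"]
    for op in seq:
        if op == "D":
            bits.append("0")
        elif op == "A":
            bits[-1] = "1"
    return int("".join(bits), 2)


def scalar_mul_reference(k, P):
    """Plain repeated addition, used only to check the fast methods."""
    R = INF
    for _ in range(k):
        R = ec_add(R, P)
    return R


if __name__ == "__main__":
    k = 0b1011010                                   # 90, an example secret scalar
    leak = []
    double_and_add(k, G, leak)
    print("leaked sequence :", "".join(leak))       # DDADADDAD
    print("recovered scalar:", recover_key(leak))   # 90
    leak = []
    double_and_add_always(k, G, leak)
    print("with dummy adds :", "".join(leak))       # DADADADADADA, same for every 7-bit k
```

On a real card the D and A symbols come from classifying each operation's segment of the trace, which is exactly the distinction the figures above make; the arithmetic here only exists so that the recovered scalar can be checked against the actual result of the multiplication. Note that the dummy-addition variant still leaks the bit length of the key, and a later differential analysis can tell a discarded addition from a used one, so it is a first step rather than a complete fix.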